$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa File: 3F3EDA068CAB11EF8A61C244C4F9AE02.roa (raw, json) Hash identifier: QYliwuhpBsvgSGK1vLAPrcQWygTigKnQuRmPkcl4npY= Subject key identifier: E1:13:60:DF:EA:E3:CB:AF:1D:44:19:51:C3:BD:70:B9:68:D1:EE:DA Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Certificate serial: 0159 Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa Signing time: Tue 12 Nov 2024 22:20:16 +0000 ROA not before: Tue 12 Nov 2024 22:20:16 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 153371 IP address blocks: 103.224.172.0/23 maxlen: 24 2401:b60:37::/48 maxlen: 48 2401:b60:38::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 03:10:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 345 (0x159) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Validity Not Before: Nov 12 22:20:16 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6733d4a0-bc13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e5:b8:d0:bd:d3:b0:d7:3e:65:54:a1:fd:67: 34:3e:a8:14:9a:4c:3f:80:0c:3f:74:4a:ba:bc:e4: df:f0:96:1d:d8:8b:02:3c:32:f8:68:b6:51:1c:7c: 21:4e:c1:fd:33:0c:cf:c8:2b:08:e1:2d:9e:f5:e7: d6:8e:48:85:e6:0e:a5:09:cd:21:f5:90:83:8e:25: b9:d9:54:b3:0d:ae:7f:64:8d:9f:c7:2f:ca:33:fb: 6f:1e:5c:31:9e:c6:8c:eb:26:ce:6d:0d:9a:1b:0a: 97:2e:5d:28:0e:f1:09:e7:4e:e0:5f:bb:48:a6:48: 56:10:91:f4:be:97:87:91:53:11:80:72:d5:8f:31: 9c:d1:f0:61:80:d9:0f:3e:cd:b9:a9:63:a5:d7:da: 2c:7d:f8:2b:e5:d8:57:2a:82:24:e2:3a:ec:ca:fb: cc:d7:b2:e7:4c:82:ef:0f:5c:37:9a:98:23:f3:d2: 4f:2f:67:14:56:92:d7:80:95:30:6d:2c:f4:d7:1b: 72:26:ad:3d:db:ae:ab:c6:f4:9b:9a:26:25:0a:b4: 8d:fd:2f:47:81:84:e8:e1:0a:a8:17:fd:7d:d4:9a: 81:9c:69:65:9b:33:6f:a0:ff:77:db:47:2e:0e:01: 5b:40:cf:62:d2:56:49:92:c1:b8:79:fb:0f:3c:8b: 25:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:13:60:DF:EA:E3:CB:AF:1D:44:19:51:C3:BD:70:B9:68:D1:EE:DA X509v3 Authority Key Identifier: keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.224.172.0/23 IPv6: 2401:b60:37::-2401:b60:38:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 5c:35:c1:3e:1c:42:01:bd:29:a2:e8:90:e7:40:12:4c:8f:d9: 03:74:9f:0a:7b:db:00:ce:bd:fc:ee:ed:96:22:b6:27:4d:14: ec:97:8c:40:b9:4e:c2:e8:30:6b:65:de:4d:64:63:72:d4:b1: 26:a1:db:85:04:c4:aa:1a:4f:0b:d6:b0:7a:a5:9f:69:c9:ed: 3e:ac:76:fd:c4:63:3b:0c:c2:7b:7d:62:96:ea:bf:02:70:38: 11:b2:12:c9:02:6a:5a:8f:26:55:86:41:b2:3b:f1:fa:1d:ad: ce:08:c9:14:da:ae:e0:9e:ee:90:68:42:2d:1e:e6:e4:d4:23: c8:28:9e:45:34:f5:67:83:af:c5:d0:34:79:90:5d:1b:7e:9e: 23:6f:ca:ff:a1:bf:f9:96:37:4f:d6:22:cc:8d:ed:3c:f0:be: fe:b9:cb:fa:71:49:44:f7:b2:4f:e8:2f:e0:af:96:aa:86:3e: e9:f8:5b:9c:ad:d2:f7:b0:1d:0f:ed:53:8d:94:6d:82:6a:1b: 49:42:b5:07:04:a9:4e:19:1b:9a:95:20:37:d1:13:cb:b1:bc: 38:5a:d9:dc:9a:b4:3b:3e:29:1d:a4:b6:ed:1d:7a:ca:d7:9b: 87:80:1d:bd:0e:a5:bf:2d:18:bb:4c:af:8b:24:10:16:7e:94: 9e:31:0e:0b -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0 NTIzOUNDRjQwHhcNMjQxMTEyMjIyMDE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzMzZDRhMC1iYzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxuW40L3TsNc+ZVSh/Wc0PqgUmkw/gAw/dEq6vOTf8JYd2IsCPDL4aLZRHHwh TsH9MwzPyCsI4S2e9efWjkiF5g6lCc0h9ZCDjiW52VSzDa5/ZI2fxy/KM/tvHlwx nsaM6ybObQ2aGwqXLl0oDvEJ507gX7tIpkhWEJH0vpeHkVMRgHLVjzGc0fBhgNkP Ps25qWOl19osffgr5dhXKoIk4jrsyvvM17LnTILvD1w3mpgj89JPL2cUVpLXgJUw bSz01xtyJq09266rxvSbmiYlCrSN/S9HgYTo4QqoF/191JqBnGllmzNvoP9320cu DgFbQM9i0lZJksG4efsPPIsl9QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFOETYN/q 48uvHUQZUcO9cLlo0e7aMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6 UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvM0YzRURBMDY4 Q0FCMTFFRjhBNjFDMjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMAwEAgABMAYDBAFn4KwwGgQCAAIwFDASAwcAJAELYAA3AwcAJAELYAA4MA0G CSqGSIb3DQEBCwUAA4IBAQBcNcE+HEIBvSmi6JDnQBJMj9kDdJ8Ke9sAzr387u2W IrYnTRTsl4xAuU7C6DBrZd5NZGNy1LEmoduFBMSqGk8L1rB6pZ9pye0+rHb9xGM7 DMJ7fWKW6r8CcDgRshLJAmpajyZVhkGyO/H6Ha3OCMkU2q7gnu6QaEItHubk1CPI KJ5FNPVng6/F0DR5kF0bfp4jb8r/ob/5ljdP1iLMje088L7+ucv6cUlE97JP6C/g r5aqhj7p+FucrdL3sB0P7VONlG2CahtJQrUHBKlOGRualSA30RPLsbw4WtncmrQ7 PikdpLbtHXrK15uHgB29DqW/LRi7TK+LJBAWfpSeMQ4L -----END CERTIFICATE-----Generated at Thu Nov 21 05:06:08 2024 by rpki-client on console-fra.rpki-client.org